Restrict non-itil and non-admin users from navigating to native UI by manipulating the URL

Valere Cheudjo
Tera Contributor

Hello community,

We don't want non-itil and non-admin users to access the Native UI platform using a web link.

According to the KB: Restrict ESS or non-role users from navigating to native UI by manipulating the URL - Support and Tr... we have implemented this UI Script:

addLoadEvent(function() {
    if (!g_user.hasRoleExactly('itil') || !g_user.hasRoleExactly('admin') && document.URL.indexOf('.do') != -1) {
        window.location = '/sp';
    } else {
        return;
    }
});

Unfortunately, it was redirecting all users (including users with Admin and Itil roles) to the Portal because the link to access our instance contains ".do",
e.g.: https://xxxxdev.service-now.com/login.do


Does anyone have any relevant experience achieving this without using UI Scripts? Or how can we improve our UI Script?

Your contribution would be appreciated

Thanks



1 ACCEPTED SOLUTION

Have you tried excluding the login URL and any other URLs that may be part of the login\pw reset process?
A simple fix might be to set data in the user session via the spEntry script and use this session data to identify your 'portal' users (and/or portal); this way you would be referencing data that did not exist until the user had logged in.


7 REPLIES

Dear Tony,

The issue is the link to access our ServiceNow Instance as you can see in the picture:

ValereCheudjo_0-1689644608547.png

The ".do" contained in the UI Script will automatically redirect any user to the Service Portal, no matter whether he has the Itil/Admin role or not.

We have tested the script many times and still have the same results.

Thanks

 


Hello Tera,

I have excluded the login URL and it works.

Thanks a lot !

Regards
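
The fix from the accepted solution (exclude the login URL), as an added example that is not from the KB article or from any poster in this thread; it also groups the two role checks so that holding either role keeps the user in the native UI. `shouldRedirectToPortal`, `pageName` and `EXEMPT_PAGES` are names assumed here, and only `login.do` comes from the thread, so the password-reset pages of your instance still have to be added to the list.

```javascript
// Added example, not the KB's or the poster's script.
// Pages that must stay reachable while a user is still authenticating.
// 'login.do' is taken from the thread; add your instance's password-reset pages.
var EXEMPT_PAGES = ['login.do'];

// Return the last path segment of a URL, ignoring query string and fragment.
function pageName(url) {
  var path = String(url).split('#')[0].split('?')[0];
  return path.substring(path.lastIndexOf('/') + 1).toLowerCase();
}

// Decide whether this page load should be sent to the portal.
// `user` only needs hasRoleExactly(role), which g_user provides.
function shouldRedirectToPortal(user, url, exemptPages) {
  var page = pageName(url);
  var exempt = exemptPages || EXEMPT_PAGES;
  if (!/\.do$/.test(page)) return false;          // not a native UI page
  if (exempt.indexOf(page) !== -1) return false;  // login flow stays reachable
  // Redirect only when the user holds NEITHER role.
  var privileged = user.hasRoleExactly('itil') || user.hasRoleExactly('admin');
  return !privileged;
}

// Wiring for a UI Script; skipped when the platform globals are absent.
if (typeof addLoadEvent === 'function' && typeof g_user !== 'undefined') {
  addLoadEvent(function () {
    if (shouldRedirectToPortal(g_user, document.URL)) {
      window.location = '/sp';
    }
  });
}
```

A UI Script runs in the browser, so this only steers navigation; what a user can read or write is still decided by server-side ACLs.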